Manage users
Create a user
- Click on Administration
- Click on Users
- Click on Add a new user
- Type the authentication information of the user
- Choose whether the user should be an administrator or a standard account
- Confirm with the “Create” button
Disable a user
- Click on Administration
- Click on Users
- Choose the user you want to disable
- Uncheck the “Active” checkbox
- Confirm with the “Update” button
The user account will then be disconnected from its current session and will not be able to use the Cyberwatch software anymore.
Delete a user
- Click on Administration
- Click on Users
- Choose the user you want to delete
- In the page dedicated to the user, click on the “Delete” button
- Confirm
The user account will then be disconnected from its current session and will not be able to use the Cyberwatch software anymore.
Security and protection measures
The following protection measures are set to protect access to the application:
- Attempts to connect to the application by brute force are blocked based on IP
- A protection mechanism is set to prevent account enumeration attempts by timing on the application login form
- Failed connection attempts are logged
- The authorized inactivity time for users before automatic logout is set to 2 hours
- If multiple sessions exist for a given user, it is possible to end the inactive one from the user’s profile
Impersonate
An Administrator user can take control of another user by clicking on the “impersonate” logo.
Taking control will enable the user to navigate and perform actions in Cyberwatch via the controlled account.
Actions performed in this way will be listed in the “Activities” section with the “Impersonate” logo.
By hovering over this icon, the following message appears with the identifier of the account that has taken control: “Under control by identifier”.
Example of use cases:
- Take control of a robot account
- Delete daily exports
- Delete a compromised API key
- Delete a comment on an asset containing sensitive information
- Support another user by seeing what they see
- Perform a demonstration
- Ensure that user rights are correct